Interested to Buy Any Domain ? << Click Here >> for more details...
Which of the following is a control to detect an
unauthorized change in a production environment?
A. Denying programmers access to production data.
B. Requiring change request to include benefits and costs.
C. Periodically comparing control and current object and
source programs.
D. Establishing procedures for emergency changes.
- 1 Answers
- 7964 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: C
Running the code comparison program on the control and
current object and source programs allows for the detection
of unauthorized changes in the production environment.
Choices A, B and D are preventive controls that are
effective as long as they are being applied consistently.
| Is This Answer Correct ? | 3 Yes | 2 No |
When developing a risk-based audit strategy, an IS auditor should conduct a risk assessment to ensure that:
The primary goal of a web site certificate is: A. authentication of the web site to be surfed through. B. authentication of the user who surfs through that site. C. preventing surfing of the web site by hackers. D. the same purpose as that of a digital certificate.
In a business continuity plan, there are several methods of providing telecommunication continuity. One method is diverse routing which involves: A. providing extra capacity with the intent of using the surplus capacity should the normal primary transmission capability not be available. B. routing information via other alternate media such as copper cable or fiber optics. C. providing diverse long-distance network availability utilizing T-1 circuits among the major long-distance carriers. D. routing traffic through split-cable facilities or duplicate-cable facilities.
Which of the following is a control over component communication failure/errors? A. Restricting operator access and maintaining audit trails B. Monitoring and reviewing system engineering activity C. Providing network redundancy D. Establishing physical barriers to the data transmitted over the network
To reduce the possibility of losing data during processing, the FIRST point at which control totals should be implemented is: A. during data preparation. B. in transit to the computer. C. between related computer runs. D. during the return of the data to the user department.
Congestion control is BEST handled by which OSI layer? A. Data link B. Session layer C. Transport layer D. Network layer
During which phase of a system development process should an IS auditor first raise the issue of application controls? A. Construction B. System design C. Acceptance testing D. Functional specification
If an application program is modified and proper system maintenance procedures are in place, which of the following should be tested? The: A. integrity of the database B. access controls for the applications programmer C. complete program, including any interface systems D. segment of the program containing the revised code
In a risk-based audit approach, an IS auditor should FIRST complete :
A primary function of risk management is the identification of cost-effective controls. In selecting appropriate controls, which of the following methods is best to study the effectiveness of adding various safeguards in reducing vulnerabilities? A. "What if" analysis B. Traditional cost/benefit analysis C. Screening analysis D. A "back-of-the-envelope" analysis
Analysis of which of the following would MOST likely enable the IS auditor to determine if a non-approved program attempted to access sensitive data? A. Abnormal job termination reports B. Operator problem reports C. System logs D. Operator work schedules
During a review of a business continuity plan, an IS auditor noticed that the point at which a situation is declared to be a crisis has not been defined. The MAJOR risk associated with this is that: A. assessment of the situation may be delayed. B. execution of the disaster recovery plan could be impacted. C. notification of the teams might not occur. D. potential crisis recognition might be delayed.
Cisco Certifications 
